In general, a user of a computer needs to perform an authentication procedure to have an access authority by inputting his/her ID and password into a host computer or a network, in order to access limited information or to use a membership service.
Such an authentication procedure is increasingly used in various fields with the development of electronic commerce and the expansion of online financial service, and there is an increasing demand for a simpler and safer authentication procedure.
Specifically, FinTech services are expanding since methods for solving the inconvenience of having to go through a payment authentication procedure every time payment is made, such as PayPal™, have appeared, and various payments methods and complex authentication methods are appearing.
In recent years, not only mobile unlocking or password setting through fingerprint recognition or biometric information authentication through fingerprint recognition, but also various personal authentication, and personal identification systems and methods based on iris recognition, which has a higher identification accuracy than that of fingerprint recognition, are appearing.
However, such biometric information complex authentication systems and methods have limits since biometric information used therein is unique to each individual person, but is permanent, and thus has the risk of being leaked and illegally used.
In particular, in recent years, various services of FinTech are expanding, and various attempts to use personal biometric information in existing complex authentication methods such as mobile transfer, mobile payment, etc. are being made, and accordingly, methods for personal authentication and personal identification using personal biometric information are being applied. Therefore, such limits may become a big problem.
Amounts of produced data abruptly increase under the influence of social media, big data, IoT, etc., and cloud services which are popularly used are utilized for companies as well as for individuals, and web storage service are also increasingly used since a plurality of users can share specific data and use. However, since such cloud services or web storage services perform only personal authentication procedures simply by using users' passwords as authentication procedures to obtain an access authority, there is a problem that security is vulnerable.
Accordingly, in authentication procedures for cloud services or web storage service, there is a demand for a method for enhancing security through a complex authentication procedure, such as an solidarity authentication among a plurality of users of a set user group, rather than an authentication procedure using a personal password or biometric information, and also, there is a demand for a new concept complex authentication system and a complex authentication method, which can minimize a damage even if biometric information is leaked.